Merge pull request #215 from JRGTH/master

Option to force destroy jail in ZFS
2025-12-24 03:01:01 +01:00 · 2020-06-19 08:45:36 -06:00
parent 3fccba30d6 932f1afae1
commit 99bd323897
2 changed files with 18 additions and 6 deletions
--- a/usr/local/bin/bastille
+++ b/usr/local/bin/bastille
@@ -28,14 +28,17 @@
 # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
+PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
+
+bastille_colors_pre() {
+    ## so we can make it colorful
+    . /usr/local/share/bastille/colors.pre.sh
+}

 ## root check first.
 bastille_root_check() {
    if [ "$(id -u)" -ne 0 ]; then
-        ## so we can make it colorful
-        . /usr/local/share/bastille/colors.pre.sh
-
+        bastille_colors_pre
        ## permission denied
        echo -e "${COLOR_RED}Bastille: Permission Denied${COLOR_RESET}" 1>&2
        echo -e "${COLOR_RED}root / sudo / doas required${COLOR_RESET}" 1>&2
@@ -47,7 +50,8 @@ bastille_root_check

 ## check for config existance
 bastille_conf_check() {
-    if [ ! -r /usr/local/etc/bastille/bastille.conf ]; then
+    if [ ! -r "/usr/local/etc/bastille/bastille.conf" ]; then
+        bastille_colors_pre
        echo -e "${COLOR_RED}Missing Configuration${COLOR_RESET}" 1>&2
        exit 1
    fi
@@ -64,6 +68,7 @@ bastille_perms_check() {
    if [ -d "${bastille_prefix}" ]; then
        BASTILLE_PREFIX_PERMS=$(stat -f "%Op" "${bastille_prefix}")
        if [ "${BASTILLE_PREFIX_PERMS}" != 40750 ]; then
+            bastille_colors_pre
            echo -e "${COLOR_RED}Insecure permissions on ${bastille_prefix}${COLOR_RESET}" 1>&2
            echo -e "${COLOR_RED}Try: chmod 0750 ${bastille_prefix}${COLOR_RESET}" 1>&2
            echo
@@ -132,6 +137,7 @@ shift
 # Handle special-case commands first.
 case "${CMD}" in
 version|-v|--version)
+    bastille_colors_pre
    echo -e "${COLOR_GREEN}${BASTILLE_VERSION}${COLOR_RESET}"
    exit 0
    ;;
@@ -164,5 +170,6 @@ if [ -f "${SCRIPTPATH}" ]; then

    exec "${SH}" "${SCRIPTPATH}" "$@"
 else
+    bastille_colors_pre
    echo -e "${COLOR_RED}${SCRIPTPATH} not found.${COLOR_RESET}" 1>&2
 fi
--- a/usr/local/share/bastille/destroy.sh
+++ b/usr/local/share/bastille/destroy.sh
@@ -37,6 +37,7 @@ usage() {
 }

 destroy_jail() {
+    local OPTIONS
    bastille_jail_base="${bastille_jailsdir}/${TARGET}"            ## dir
    bastille_jail_log="${bastille_logsdir}/${TARGET}_console.log"  ## file

@@ -60,8 +61,12 @@ destroy_jail() {
        if [ "${bastille_zfs_enable}" = "YES" ]; then
            if [ -n "${bastille_zfs_zpool}" ]; then
                if [ -n "${TARGET}" ]; then
+                    OPTIONS="-r"
+                    if [ "${FORCE}" = "1" ]; then
+                        OPTIONS="-rf"
+                    fi
                    ## remove jail zfs dataset recursively
-                    zfs destroy -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}"
+                    zfs destroy "${OPTIONS}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}"
                fi
            fi
        fi